1 Reply Latest reply on Jul 22, 2010 12:32 PM by April Jacobs

    Backdoor virus not detected,causeing issues with MIS,MVT,IE.PLEASE HELP!


      I had a full scan two days ago which detected a virus and fixed it.Later I discovered a process running which was takeing up a high amount of page file and CPU,"dtr.exe".I ended it and continued as normal which turned out my firewall was turned off and sometimes when that process was running completely shuts down MIS and causes IE to go unresponsive unless you run it without addons(basic).Of course I googled it because every virus site has nothing on it and a few tech sites go on to say that it's a backdoor virus which writes new regitstry keys and creates an infected file which if not can cause some good damage to the computer.I found a few steps to get rid of it manually but didn't get all the files and keys taken care of.

      The following is from another site which wants me to download their antivirus to remove it.....Please take a look at this and get the definitions to remove this before I have a complete crash I trust McAfee and recomend it to everyone and this virus can definitely take down computers if left untreated.


      File Behavior

      DTR.EXE has been seen to perform the following behavior:

      • Adds products to the system registry
      • Writes to another Process's Virtual Memory (Process Hijacking)
      • Executes a Process
      • Adds a Registry Key (RUN) to auto start Programs on system start up
      • Can communicate with other computer systems using HTTP protocols
      • Removes Scheduled Tasks from the Windows task queue
      • This process creates other processes on disk
      • Creates or uses a background service to access the Internet using HTTP protocols
      • Injects code into other processes
      • This Process Deletes Other Processes From Disk

      DTR.EXE has been the subject of the following behavior:

      • Added as a Registry auto start to load Program on Boot up
      • Created as a process on disk
      • Executed as a Process
      • Has code inserted into its Virtual Memory space by other programs
      • Terminated as a Process


      File Name Aliases

      DTR.EXE can also use the following file names:

      • DTX.EXE
      • 72177188.EXE
      • 43885598.EXE
      • 57160724.EXE


      The following file size has been seen:

      • 128,512 bytes
      • 558,944 bytes
      • 29,937,664 bytes
      • 106,496 bytes

      File Type

      The filename DTR.EXE refers to many versions of an executable program.